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U.S. Cyber Threats 

The Cyber Landscape 
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U.S. Cyber Threats 
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Why the Computer Intrusion Priority? 
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New 'Unknowns’ Hacking Group Hits NASA, 
Air Force, European Space Agency 
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A new hacking group casing ilsel! The 
Unknowns has published « Jisl of 
passwords aws flocun’ienis reperirtiy 
belonging to NASA ths European Sparc 
Agency and ihf» u.s Air f crco among 
other high -profile government targets 


Iran a more dangerous cyber threat than China or 
Russia, experts tell Congress 

“ By VISliam Jackson - Apr 26. 20-1:2 

Iran has demonstrated a. willingness to attack the United States and the 
intent to develop a cyber war capability, eclipsing Russia and China as a. 
threat to the nation, a. panel of policy and technical experts told House 
lawmakers 
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Report: Hackers 


Nortel Penetrated by Hackers Since at Least 2000 
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Iran admits Stuxnet worm infected PCs at 
nuclear reactor 

StS denies} that 'groundbreaking' malware infiltrated control systems or 
caused major damage 


Exclusive: potential China link to 
cyberattacks on gas pipeline companies 

These analyzing the cybersptes who are trying to infiltrate natural-gas pipeline companies have 
found similarities with an attack an a cybersecufity Sirm a year ago. At least one US government 
official has feiamsd China for that earlier attack. 
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Warning: New Hack Threat Leaves • %m® • w* 
illions at Risk of Cyber Attack 


'Anonymous' Takes Down Visa.com in 
WikiLeaks Protest 

By Robert SctSfen, It'S Hens 

A loosely organized group c! internet t»3CSttlvists look <fc«n Visa's wetste Wednesday, after 
organizing a sin®( alia« on JtastefCsto, 
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IT contractor indicted over oil company computer intrusion 
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Chinese hackers targeted energy 
multinationals, claims McAfee 

Computer security firm alleges attackers made co-ordinated 
intrusions into systems of five major oil and gas firms 
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Hackers Have Attacked Foreign Utilities, 
CIA Analyst Says 

By Ellen Nakas&lma .and Steven Mtrfset* 

Washington Post Staff W*it*M and WasM«§te« Post Staff Wait *** 

Saturday., January IS*. JW 



Sicjiits Personal) Technology What They Koc 



In a rare pubic wamaig to the power and tttScy SKtetry, a. CIA analyst 
dais- week said, cyber: attackers have hacked mto the compotex systems 
of t*t 8 fcy companies- outside die Uaated States and made demands* k. at 
least one case cansing -a power outage that affected, multiple cities. 
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FBI Priorities 

1 . Protect the United States from terrorist attack. 

2. Protect the United States against foreign intelligence 
operations and espionage. 

3. Protect the United States against cyber-based attacks 
and high-technology crimes. 

4. Combat public corruption at all levels. 

5. Protect civil rights. 

6. Combat transnational and national criminal organizations 
and enterprises. 

7. Combat major white-collar crime. 

8. Combat significant violent crime. 

9. Support federal, state, county, municipal, and international 
partners. 

10. Upgrade technology to successfully perform the FBI’s 
mission. 
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The Costs and Statistics 

Average time to resolve a cyber attack - 24 days 

Average cost to organizations of $591 ,780 over 
this 24 day period. 

1 02 attacks per week on average 

Malware incidents - Significantly Affected 67.1% 
of organizations (trending upward) 

Botnet infections - 28.9% (trending upward) 

Theft of laptops - 33.5% (slight downward trend) 

CSI 15 th Annual 2010/2011 Computer Crime & Security Survey 

Ponemon Institute (Third Annual) 2012 Cost of Cyber Crime Study. United 

States 
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Cyber Threat Investigation 

Cyber Threat 
Investigation (n): “Any 
action taken within the 
United States, consistent 
with applicable law and 
Presidential guidance, to 
determine the identity, 
location, intent, 
motivation, capabilities, 
alliances, funding, or 
other methodologies of 
one or more cyber threat 
groups or individuals.” 
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CTI and Net Defender Missions 


Cyber Threat Investigation 

■ Understand & neutralize 
threat infrastructure 

■ Identify Victims 

■ Attribute threat actors & 
organizations 

■ Pursue actors & 
organizations 


Computer Network Defense 

■ Prepare for attacks & 
reduce vulnerabilities 

■ Detect & analyze computer 
intrusions 

■ Learn from vulnerabilities 
exploited 

■ Manage and contain 
losses 
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Title 10 Military 
Authority 
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Hacktivist 


Although the term “hacktivist” refers to 
cyber attacks conducted in the name of 
political activism, this segment of the 
cyber threat spectrum covers 
everything from individual hackers 
seeking thrills and bragging rights to 
hacker groups such as Anonymous and 
Lulz Security (LulzSec) conducting 
distributed denial of service (DDoS) 
attacks and website defacements 
against government, corporate entities. 
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Criminal 



Organized criminal groups 
have easily adapted to 
today’s technology in 
exploiting the cyber arena. 
These groups continually 
attack systems for 
monetary gain through 
identify theft, online fraud, 
computer extortion, 
phishing, and 
spyware/malware. 
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Criminal Acts 


Laptop Theft 
Credit Card Theft 
Telecom Fraud 
Financial Fraud 
Web Site Defacement 
Denial of Service 
Unauthorized Access 
Viruses 
Insider Abuse 



System Penetration 
Sabotage 

Mobile Device Hacking 
Abuse of Wireless Networks 
Bots 

Phishing Scams 
Social Engineering 
* Exploiting Social Networks 
E-commerce 




Cyber-thieves increasingly aiming at cellphones 


Cyber criminals are mass producing 
techniques, says Verizon 


M AY m 201:2. 

APT attackers are increasingly using booby 
-trapped RTF documents 

Security experts say Microsoft Officer RTF parsing 
vulnerabilities are a common target for attackers who distribute 
advanced persistent threats 

By Lucian Constantin : IDG News Service 


targeting small- to- medium businesses 

By Lee Bell 

CYBER CRIMINALS are mass producing their attack techniques and targeting; 
smaller businesses, telecom Verizon, has warned. 


Cyber-criminals catch on to online hotel booking 
craze 

j 14.05.2012 

{ Categories: Consumer Tech, Internet. Software 
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Intentional or nnt, the end result 
is damage to ynur organization 


• Disgruntled employees 

• Excessive Access 

• Inadvertent actions 


PC Work! » Tech imdustiy 

Secftiamnd: Q ; ' 0 S; §§; 0 ssssEirasu CCemimms Fust 

Contractor Pleats Ouiliv to SCAL1A 
Tampering 

A former FT consultant for an oil and gas exploration company has pleaded guilty to tampering with 
the company's computer systems after he was turned down for a permanent position with the 
company. 


Insiders pose ’accidental' threat to business 
data, Symantec says 

Blurring lines between home and office lead to data leakage 



According to court records, Azar accessed Supervisory Control and Data Acquisition (SCADA) 
computer systems belonging to Pacific Energy Resources of Long Beach, California, and caused 
the company to lose control of its computer systems around May or June of 2008. 

Only a handful of SCADA computer intrusions have been reported, but because the systems; are 
used to control large-scale industrial systems in manufacturing plants, public utilities and the 
chemical industry, security experts; worry that tampering with them could lead to a large-scale power 
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outage or environmental disaster. 


February 08, 2013 — GSO — Valuable intellectual property is leaving companies every day and languish!! 
at insecure locations where it can scooped up by unauthorized parties. 
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Industrial Espionage 

Every year, billions of 
dollars are lost to foreign 
and domestic competitors 
who deliberately target 
economic intelligence in 
U.S. industries and 
technologies. Through 
cyber intrusions, these 
intruders search for 
intellectual property, 
prototypes, and company 
trade secrets to gain an 
illegitimate advantage in 

the market. 
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Reasons Why They'd Want to: 

Steal Customer Lists 
Steal R&D 
Cause Bad PR 
Disrupt Business 
Sabotage 
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State Espionage 



Foreign adversaries use cyber 
tools as part of traditional 
intelligence-gathering and 
espionage activities. These 
adversaries conduct 
computer network operations 
that target military and 
governmental organizations’ 
intellectual property and 
insider information. 
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Foreign Powers 
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Chinese hackers targeted energy 
multinationals, claims McAfee 

Computer security firm alleges attackers made co-ordinated 
intrusions into systems of five major oil -a nd gas firms 



Special report: In cyberspy vs. cyberspy, 
China has the edge 



Tania Bnmigan in Beijing 

guartBan.CD.iA. Friday 11 Faftruaiy 2011 08.01 £S7 
Micie history 



Electricity Grid in U.S. Penetrated By Spies 
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US Official Singles Out 
China, Russia on Cyber- 
Spying 
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Mandiant Report 

(ReleasEd February 2013) 

Various cyber actors have engaged in malicious 
activity against Government and Private Sector 
entities 

The objective of this activity has been the theft of 
intellectual property , trade secrets , and other 
sensitive business information . 

The malicious actors have employed a variety of 
techniques in order to infiltrate targeted 
organizations, establish a foothold; move laterally 
through the targets’ networks; and, exfiltrate 
confidential or proprietary data. 
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Industries Compromised - Mandiant 


• Information Technology 

• Aerospace 

• PublicAdministration 

• Satellites and 
Telecommunications 

• Scientific Research and 
Consulting 

• Energy 

• Transportation 

• Construction and Manufacturing 

• Engineering Services 

• High-tech Electronics 

• International Organizations 


• Legal Services 

• Media, Advertising and 
Entertainment 

• Navigation 

• Chemicals 

• Financial Services 

• Food and Agriculture 

• Healthcare 

• Metals and Mining 

• Education 
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support of a terrorist group or their ideology, 
through the use of computer network attack 
or exploitation. Such intrusions/attacks are 
intended to intimidate or coerce a 
government or population in furtherance of a 
social, political, ideological, or religious 
agenda by causing disruption, inducing fear, 
or undermining confidence. 


UNCLASSIFIED 


UNCLASSIFIED 


Terrorists on the Internet 


Israel cyber warfare: Hamas opens cyber front on Israel 
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Hacker* yesterday nib^upted the welseites or the?. Te ; * Aviv stock exchange and 
na$ona$ oir carrier E; As. the latest v?ct inns, of a campaign launched early this 
month by a hacker cla Hm if rcg ‘to he from Saudi Arabia 
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Cyber Jihad Fatwas to Hack and Use 
Malicious Acts 


Steganography: how aK-Qaeda Md secret 
documents in a porn video 


fey Sean GaMagher - May ?. 2812. 7:02ani CD s 


mmmm insiil 


When a suspected al-Qaeda member was arrested in Berlin in May of 2011, he was found with s 
memory card with a password-protected folder— and the files within it were hidden. But. as the 
German newspaper ore Z&t reports, computer forensics experts from the German Federal Criminal 
Police <BKA) claim to have eventually uncovered its contents — what appeared to be a pornographic 
video called KickAss." 


Osama 



data 





One of the Global Islam lie Media Front’s most popular products was a videogame called The 
Night of Gusts Capturing, tfie object of which isfo hunt and kill the President of the Unfed 
States. •/.. .... '• ... ... .. •. .. ... ,. - •.. •„ .... ... •... .- 


480 Comments _ „ 924' 


RSS 8 Email 


Prir 


UNCLASSIFIED 



UNCLASSIFIED 


What Can I Do? 

• Implement strong passwords 

• Limit the use of Privileged (Admin) Accounts 

• Protect personal/business information 

• Use caution with social networking sites 

• Use caution with email attachments and 
untrusted links 

• Apply Software Updates and Enable Future 
Automatic Updates 
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Where Can I Learn More? 


www.fbi.gov 



Intcbnkt Crime Complaint Csnieh 


www.us-cert.gov 



www. nsa . g ov/i a/_f i les/factsheets/Best_Pra 
ctices_Datasheets.pdf 
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Resources at: www.fbi.gov 
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FBI-Minneapolis Division 

Minnesota Cyber Crime Task Force 
(763) 569-8000 
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